Discussion forum LIHKG and HKGOLDEN cannot be loaded in Private Browsing Mode after bug 1776109
Categories
(Core :: Privacy: Anti-Tracking, defect, P1)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox-esr91 | --- | unaffected |
| firefox-esr102 | --- | unaffected |
| firefox102 | --- | unaffected |
| firefox103 | --- | unaffected |
| firefox104 | + | verified |
People
(Reporter: Fanolian+BMO, Assigned: saschanaz)
References
(Regression, )
Details
(Keywords: nightly-community, regression, reproducible)
Attachments
(1 file)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0
Build ID: 20220630212430
Steps to reproduce
- Use a new profile. Leave all settings as default. Make sure
dom.indexedDB.hide_in_pbmode.enabledis set totrue. - Open a Private Browsing Window.
- Visit https://lihkg.com or https://forum.hkgolden.com/. (2 popular Hong Kong discussion forums in Chinese)
Actual result
The content windows for both forums are showing blank.
Expected result
Both should load properly.
Workaround
Set only dom.indexedDB.hide_in_pbmode.enabled to false.
dom.caches.hide_in_pbmode.enabled or dom.serviceWorkers.hide_in_pbmode.enabled can be left as true.
Regression
Last good Nightly: 2022-06-29
First bad Nightly: 2022-06-30
Pushlog: https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=401c2d7e80fba6483348d1d0514c768f7180e734&tochange=65f99678a1efc85ec58cae26d8762fcfbd702a9d
Bisecting autoland builds:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=80116c1aa5c8532275bdd113ce2c431df4f0d994&tochange=e64c83e9d62d19e3f8da181736595423b2bddb52
This is regressed by bug 1776109.
Notes
Both sites can be loaded properly in a Normal Browsing window.
[Tracking Requested - why for this release]:
https://lihkg.com/ is a top 20 visited site in Hong Kong according to a quick google search.
|
||
Comment 3•3 years ago
|
||
Set release status flags based on info from the regressing bug 1776109
|
|
||
Comment 4•3 years ago
|
||
:saschanaz, since you are the author of the regressor, bug 1776109, could you take a look?
For more information, please visit auto_nag documentation.
|
|
||
Comment 5•3 years ago
|
||
The bug has a release status flag that shows some version of Firefox is affected, thus it will be considered confirmed.
|
Assignee | |
Comment 6•3 years ago
•
|
||
It seems the website is replacing methods of IDBIndex and IDBCursor with its proxy function. (Oh no please don't touch the prototype objects 😭)
Both websites share the same code, probably a library? It's webpacked so I'm not sure where it's from.
|
|
Assignee | |
Comment 7•3 years ago
|
||
Hmm, I found the library, it's jakearchibald/idb. (Super popular library with 3M weekly downloads on NPM)
The problematic code here is from it's version 3 where it does not check existence of IDB interfaces: https://github.com/jakearchibald/idb/blob/e1c7c44dbba38415745afc782b8e247da8c833f2/lib/idb.mjs#L95
The newer versions seemingly have the same issue, so I guess we'll probably have to unflip the pref.
It seems the website is replacing methods of IDBIndex and IDBCursor with its proxy function
I don't think this is the case. Looks to me like the ProxyClass e.g. Index just wraps the original functions calls to IDBIndex.
|
|
Assignee | |
Comment 9•3 years ago
|
||
Oh sorry, I forgot to correct my previous statement. Thanks for doing that for me.
|
|
Assignee | |
Comment 10•3 years ago
|
||
So my current thought is that either:
- The idb pref should not hide any IDB interfaces
- The idb pref should not hide the affected IDBCursor and IDBIndex but should still hide the others just in case
I think 2 is probably okay, but I wonder any other library does the similar thing.
|
|
Assignee | |
Comment 11•3 years ago
|
||
This fixes websites using jakearchibald/idb which has been downloaded 3 million times in NPM (https://www.npmjs.com/package/idb).
The library creates proxies for those interfaces while assuming those are always globally available, and we get an undefined identifier error if those don't exist.
Only the version 3 is affected and v4+ is okay per my testing. Per NPM v3.0.2 is downloaded 1 million times, so it's probably safe to make it work.
|
||
Updated•3 years ago
|
|
||
Updated•3 years ago
|
|
Reporter | |
Comment 12•3 years ago
|
||
(In reply to Kagami :saschanaz from comment #11)
Only the version 3 is affected and v4+ is okay per my testing. Per NPM v3.0.2 is downloaded 1 million times, so it's probably safe to make it work.
v3.0.2 is the last version to support IE11 according to the changelog. Perhaps that's why it is still downloaded many times after 3 years.
|
|
Assignee | |
Comment 13•3 years ago
|
||
Thanks! That makes sense.
|
||
Comment 14•3 years ago
|
||
|
||
Updated•3 years ago
|
|
||
Comment 15•3 years ago
|
||
| bugherder | ||
|
||
Updated•2 years ago
|
|
||
Comment 16•2 years ago
|
||
Reproduced this bug using an affected Nightly build from 2022-07-01, using STR mentioned in comment 0.
The issue is verified as fixed on Beta 104.0b4, across platforms: Win 10 x64, macOS 11 and Ubuntu 18.04 x64.
Description
•